When the Google Wallet was released, it was appreciated because it was something which everybody thought will greatly facilitate ease. However, new and worrisome flaws in the Google Wallet have now been brought under the radar. It was revealed that Google Wallet has some major flaws in it or as some may like to refer to it as “security loopholes”, which will give birth to digital pick-pocketing if not taken action against immediately.
Attention to the matter has been brought by Zvelo, which is a security firm that has said that the security flaw is noticeable and something very easy to do. The firm said it found out vulnerability in Google Wallet, the NFC payment system of Google, which allows anyone who has an already rooted cell phone and a functioning Google Wallet to get access to the Google Wallet PIN.
This loophole in security, the firm believes, will permit the hacker to use a smartphone that is Google Wallet enabled, to make purchases on the internet and shop online through the use of credit card details which are tied to the NFC chip. However, Google has pointed out that this situation is a low risk one since it functions only if the phone has been pre-rooted, by the owner of the phone himself or herself, and credit card details are still secure and not in jeopardy.
Smartphone blog called The Smartphone Champ has also pointed out towards the Google’s security loophole, referring to it as something which is “painfully easy to do” and does not require any additional software to do the job done. As Zvelo pointed out, the blog points that no rooted device is required to get the job done.
The issue is that the details of credit cards etc are tied to the phone and not the account of the person. This means that if a phone already has Google Wallet enabled, they can change its PIN by simply cleaning the data and information in Google Wallet app. Once that is done, the Google Wallet will require the hacker to use a new PIN. Since the data related to the credit card is tied to the phone, when the hacker or a person adds Google prepaid card in the Wallet application after he or she resets the data, the information of the old card will be added automatically to the application which will allow the hacker to access the credit card funds.
